#1 Trusted Cybersecurity News Platform Followed by 4.50+ million
The Hacker News Logo
Get the Free Newsletter
SaaS Security

tor | Breaking Cybersecurity News | The Hacker News

Cryptography Hacks - Hash Encryption using DuckDuckGo Search Engine

Cryptography Hacks - Hash Encryption using DuckDuckGo Search Engine

Jan 30, 2014
Over the past several months, it has become clear that the Internet and our Privacy have been fundamentally compromised. A Private search engine DuckDuckGo claims that when you click on one of their search results, they do not send personally identifiable information along with your request to the third party. Like Google dorks (advance search patterns), there are thousands of similar, but technically more useful search hacks are also available in DuckDuckGo called DuckDuckGoodies . Today I am going to share about Handy " Cryptography " using DuckDuckGo search engine . Whether you are a Hacker, Cracker or a Researcher, you need to face a number of hash strings in your day to day life. Hashing is a one way encryption of a plain text or a file, generally used to secure passwords or to check the integrity of the file. There is a certain set of hashing algorithms, e.g.md5, sha1, sha-512 etc. A hash function generates the exact output if executed n numbe
CryptorBit Ransomware that scam for Ransom money with fake Decryption Keys

CryptorBit Ransomware that scam for Ransom money with fake Decryption Keys

Jan 28, 2014
We are continuously keeping our eye on new variants of the widely spread Ransomware family like Cryptolocker , Prison Locker, Copycat and Locker which encrypts your files and ask for a random amount to decrypt it.  If infected by such malware, to be very honest, there is no hope for recovering your documents without paying a ransom amount to the cyber criminals. Online users are now facing another similar ransomware called ' CryptorBit ', ( Virustotal report ) first spotted on September 2013. It is not a variant of Cryptolocker but it does exactly the same thing i.e. Encrypt all the files on the Hard Disk. CryptorBit is an infection that activates by clicking links in a spam message or malicious email, or websites while browsing the web, or by opening an attachment in an email from a malicious source. Once your system gets infected by the CryptorBit, it will encrypt your files and hold them until a ransom of $50 - $500 or more is not paid. It will display
Making Sense of Operational Technology Attacks: The Past, Present, and Future

Making Sense of Operational Technology Attacks: The Past, Present, and Future

Mar 21, 2024Operational Technology / SCADA Security
When you read reports about cyber-attacks affecting operational technology (OT), it's easy to get caught up in the hype and assume every single one is sophisticated. But are OT environments all over the world really besieged by a constant barrage of complex cyber-attacks? Answering that would require breaking down the different types of OT cyber-attacks and then looking back on all the historical attacks to see how those types compare.  The Types of OT Cyber-Attacks Over the past few decades, there has been a growing awareness of the need for improved cybersecurity practices in IT's lesser-known counterpart, OT. In fact, the lines of what constitutes a cyber-attack on OT have never been well defined, and if anything, they have further blurred over time. Therefore, we'd like to begin this post with a discussion around the ways in which cyber-attacks can either target or just simply impact OT, and why it might be important for us to make the distinction going forward. Figure 1 The Pu
FBI seized entire database of TorMail service; using it to catch Criminals

FBI seized entire database of TorMail service; using it to catch Criminals

Jan 27, 2014
Using Tormail Email service for being Anonymous online while conversations and mail exchange?? There is a very disappointing news for all   current and past users, US Federal Bureau of Investigation (FBI) has a complete copy of Tormail server and they are using it to catch the Criminals & Hackers. According to court documents that recently surfaced, the FBI  have cloned the entire email database while investigating Freedom Hosting. In August 2013, when the FBI seized the Tor network's top web host, Freedom Hosting , that gave the feds access to every record of every anonymous site hosted by Freedom Hosting , including TorMail , a service that allowed to send and receive email anonymously . New evidence uncovered by Wired suggests those archives are now being used in completely unrelated investigations, but possibly now the FBI is mining the information from that database to track cyber criminals. Remember the shutdown of the Silk Road black market?? A
cyber security

Automated remediation solutions are crucial for security

websiteWing SecurityShadow IT / SaaS Security
Especially when it comes to securing employees' SaaS usage, don't settle for a longer to-do list. Auto-remediation is key to achieving SaaS security.
Malicious Russian Tor Exit Relays Intercepting encrypted Traffic of Facebook Users

Malicious Russian Tor Exit Relays Intercepting encrypted Traffic of Facebook Users

Jan 24, 2014
Tor is one of the best and freely available privacy software that lets people communicate anonymously online through a series of nodes that is designed to provide anonymity for users and bypass Internet censorship. When you use the Tor software, your IP address remains hidden and it appears that your connection is coming from the IP address of a Tor exit relay or nodes , which can be anywhere in the world. An exit relay is the final relay that Tor traffic passes through before it reaches its destination. According to a recent report ' Spoiled Onions: Exposing Malicious Tor Exit Relays ', published by security researchers Phillip Winter and Stefan Lindskog revealed that almost 20 exit relays in the Tor anonymity network that attempted to spy on users' encrypted traffic using man-in-the-middle techniques. Both Researchers spent more than four months studying on the Tor exit nodes using their own scanning software called " exitmap " and detected su
28% of Internet Users know the Importance of Online Privacy Tools

28% of Internet Users know the Importance of Online Privacy Tools

Jan 23, 2014
Privacy is "workings of your mind". We share our personal moments captured in images, credit card details, thoughts that are personal or professional with a person or a certain group at different instances of time and want it to be safe and secure. We use an electronic gadget to share something trusting blindly the service provider company which may have to obey some unveiled laws of that country to which it belong and our data might be at risk. The surveillance programs can force these companies to store the information and share it with the Government and can even sniff all the data passing through the channels i.e. Wire or Air, and hence compromise our privacy. Though surveillance programs were in existence before Snowden's leaks, but after the revelation of NSA's surveillance programs, we need to think twice when it comes to our privacy. 28% of all Internet users, i.e. 415 Million people say that they use some sort of privacy tool for their Internet browsing sessio
Microsoft remotely deleted Tor-based 'Sefnit Botnet' from more than 2 Million Systems

Microsoft remotely deleted Tor-based 'Sefnit Botnet' from more than 2 Million Systems

Jan 21, 2014
In October 2013, Microsoft adopted a silent, offensive method to tackle infection due to a Tor-based botnet malware called ' Sefnit '. In an effort to takedown of the Sefnit botnet to protect windows users, Microsoft r emotely removes the older versions of installed Tor Browser software and infection from 2 Million systems, even without the knowledge of the system's owner. Last year in August, after Snowden revelations about the National Security Agency's ( NSA ) Spying programs, the Internet users were under fear of being spied. During the same time Tor Project leaders noticed almost 600% increase in the number of users over the anonymizing networks of Tor i.e. More than 600,000 users join Tor within few weeks. In September, researchers identified the major reason of increased Tor users i.e. A Tor-based botnet called ' Sefnit malware ', which was infecting millions of computers for click fraud and bitcoin mining. To achieve the maximum number
U.S. Judge ordered the largest Ever Forfeiture of 29,655 Bitcoins seized from Silk Road

U.S. Judge ordered the largest Ever Forfeiture of 29,655 Bitcoins seized from Silk Road

Jan 20, 2014
In last October, the Feds told they would probably just  liquidate the bitcoins  seized from the online black market Silk Road, once they were legally free to do so. Finally the United States District Judge  J. Paul Oetken   signed off  on the forfeiture order for the Bitcoins, clearing the government to sell the assets. Last September, the FBI had seized  29,655 Bitcoins from the online black market Silk Road after its alleged 29-year-old mastermind, Ross William Ulbricht , aka ' Dread Pirate Roberts ' was arrested and charged with possessing controlled substances and committing or conspiring to commit computer hacking offenses, among other charges. This new ruling represents the largest-ever forfeiture of Bitcoins . The assets include the Silk Road hidden website and 29,655 Bitcoins , worth more than $28 Million according to current exchange rates. Manhattan U.S. Attorney Preet Bharara said: "With today's forfeiture of $28 million worth of Bitcoins fr
Researchers spotted 'Chewbacca', a new Tor-based Banking Trojan

Researchers spotted 'Chewbacca', a new Tor-based Banking Trojan

Dec 18, 2013
Cyber Criminal activity associated with the financial Trojan programs has increased rapidly during the past few months. However, the Tor -based architecture is the favorite one with online criminals, to hide their bots and the botnet's Command-and-Control real location from the security researchers. Security Researchers at anti-virus firm  Kaspersky Lab have discovered a new Tor-based  banking trojan , dubbed " ChewBacca " (" Trojan . Win32 . Fsysna . fej ")  , that steal banking credentials and hosted on a Tor . onion domain. This protects the location of a server as well as the identity of the owner in most cases. Still there are drawbacks preventing many criminals from hosting their servers within Tor. Due to the overlay and structure, Tor is slower and timeouts are possible. Massive botnet activity may influence the whole network, as seen with Mevade, and therefore let researchers spot them more easily. ChewBacca   malware is not first that adopt Tor for
The Evolution of Cyber Threat; Interview with IntelCrawler's Researchers

The Evolution of Cyber Threat; Interview with IntelCrawler's Researchers

Dec 16, 2013
Today I desire to propose an interview with Andrey Komarov , CEO of IntelCrawler and Dan Clements , President of IntelCrawler. IntelCrawler  is a multi-tier intelligence aggregator, which gathers information and cyber prints from a starting big data pool of over 3, 000, 000, 000 IPv4 and over 200, 000, 000 domain names, which are scanned for analytics and dissemination to drill down to a desired result. I have prepared for them a series of answers and questions to analyze significant evolutions in the cyber-threat landscape: Q. Which are the most concerning cyber threats for private businesses and government organizations? A. Avoiding talking about usual and standard things, of course, the most dangerous and annoying is the emergence of fundamentally new vulnerabilities in critical applications and systems. " Zero day " vulnerabilities market is developing every day and taking the shape of a part of the future cyber warfare market , as it is still in the process of formati
Cryptocat, a Secure and Encrypted chat blocked in Iran

Cryptocat, a Secure and Encrypted chat blocked in Iran

Nov 24, 2013
Users in Iran call Internet as " Filternet ", because of the heavily censored Internet access they have. Million Iranians used VPN servers to access the outside world. In October, 2013 Jack Dorsey, the co-founder of Twitter asked Iranian President, ' Are citizens of Iran able to read your tweets? ' In Reply Mr. The President said that he will work to make sure Iranians have access to information globally in what appears to be a reference to reducing online censorship. Just after promising to support Internet Freedom, the Iran Government has banned yet another web application called -  Cryptocat , a tool that allows for secure and encrypted chat. The app is well known for bringing encrypted communications to the masses, popular with human rights activists and journalists around the world. According to ' Blockediniran.com ', Cryptocat website and the associated private chat service were inaccessible to our users in Iran. Currently since Monday.  ' It cu
Dutch Police arrested TorRAT Malware Gang for stealing over Million Dollar

Dutch Police arrested TorRAT Malware Gang for stealing over Million Dollar

Oct 28, 2013
The TorRAT malware was first appeared in 2012 as spying tool only. But from August 2012, Bitcoin Mining feature was added and it became a powerful hacking tool that was commonly associated with attacks on Financial institutions. ab This year TorRat Malware targeted two out of three major Banks in the Netherlands and the  criminals stole over Million Dollars from user' Banking Accounts. The Dutch  police has arrested four men from Alkmaar, Haarlem, Woubrugge and Roden on last Monday, who are suspected of involvement in the large scale digital fraud and money laundering case using TorRat Malware. Using Spear Phishing techniques, gang  targeted the victims to access their computers and the Financial accounts. The gang used anonymous VPN services, Bitcoins, TorMail and the Tor network itself to remain anonymous. Malware is also capable of manipulating the information during online banking , can secretly add new payment orders and also able to modify existing
NSA using Browser Cookies to track Tor Users

NSA using Browser Cookies to track Tor Users

Oct 05, 2013
Yesterday a new classified NSA document was leaked by Edward Snowden - titled ' Tor Stinks ' in which ideas were being kicked around for identifying Tor users or degrading the user experience to dissuade people from using the Tor browser. The NSA had a very hard time while tracking down all Tor  users and monitoring their traffic, especially since Tor servers are all over the world, but they make tracking easier by adopting  the following techniques: By running their own hostile Tor nodes Using zero-day vulnerability of Firefox browser By tracking user' browser Cookies Tor access node tracking is not new and the Document says that both the NSA and GCHQ run Tor nodes themselves. In order to trace traffic back to a particular Tor user the NSA needs to know the ' entry, relay and exit ' nodes in the anonymizer cloud between the user and the destination website. So for tracking purpose they used self-hosted nodes, that is able to trace a very small number of To
Underground Drugs Market website 'Silk Road' Founder Arrested by FBI

Underground Drugs Market website 'Silk Road' Founder Arrested by FBI

Oct 02, 2013
The FBI had seized a website called ' Silk Road ', that was considered one of the most popular Underground places on the Internet for buying drugs and other illicit goods and services. They arrested the site's alleged founder,  Ross William Ulbricht, known as " Dread Pirate Roberts ," in San Francisco, who reportedly had  26,000 Bitcoins worth $3.6 million. The FBI used information from Comcast in the investigation and collaborated with US Customs and Border Patrol, the Internal Revenue Service, the Drug Enforcement Administration, and the Department of Homeland Security. Ross Ulbricht Ross William Ulbricht, a 29-year-old graduate of the University of Pennsylvania School of Materials Science and Engineering  charged with one count each of narcotics trafficking conspiracy, computer hacking conspiracy and money laundering conspiracy, according to the filing. ' Silk Road '  website, which had operated since early 2011, also offered tut
FBI compromised Tor hidden service to bust largest Child Pornography Ring

FBI compromised Tor hidden service to bust largest Child Pornography Ring

Sep 14, 2013
A few days before the servers of the largest provider of Ultra Anonymous hosting were found to be serving custom malware designed to identify visitors who were using the Tor service to hide their identity online. The javascript code exploited a security vulnerability in the open-source version of Firefox that the Tor network is based on. In an Irish court, FBI agent admitted publicly that the agency had control of Freedom Hosting , a Tor hidden service operator company, in an effort to arrest a suspect behind the largest child porn facilitator on the planet. Eric Eoin Marques, a 28-year-old Irishman, is now awaiting extradition to the US where he could face 100 years in prison on child pornography charges. Marques is the owner and operator of Freedom Hosting , one of the largest web hosts for the Tor network., Hosting many of the darkest hidden services on the Darknet, including criminal hacking site HackBB, money laundering services, and responsible for hosting chi
Tor Anonymizing network overload caused by Mevade Botnet

Tor Anonymizing network overload caused by Mevade Botnet

Sep 08, 2013
Recently, Tor Project Director - Roger Dingledine described a sudden increase in Tor users on the Tor Network after the events related to disclosure of the PRISM surveillance program, Since August 19, 2013, there has been an impressive growth in the number of Tor users. At first, No one knew who or what is responsible for this spontaneous growth of Tor users, but Security researchers at Fox-IT firm found evidence that the spike in Tor traffic is caused by a Mevade Botnet, that hides its Command-and-Control server in the anonymizing network. The security firm documented the presence of the Mevade malware architecture based on the anonymizing network, " The malware uses a command and control connectivity via Tor .Onion links using HTTP. While some bots continue to operate using the standard HTTP connectivity, some versions of the malware use a peer-to-peer network to communicate (KAD based). " " Typically, it is fairly clear what the purpose of malw
Cybersecurity Resources